Subversion Repositories oidplus

TODO April 2022:

- Encrypt the private key in the config table using an auto-generated keyfile in userdata/secret.php (or similar)

	Make sure that all procedures that access the private key are able to use a passphrase

New Object Type plugins:

- FourCC aka OSType

- LSID ?

- International Geo Sample Number ?

Treeview / Navigation:

- In the tree, let the operator create "shortcuts" to important OIDs?

- Define "critical" OIDs which should always be visible; this means: the tree will always be extended so that these OIDs are shown?

SECURITY Improvements:

- Small security issue: A visitor can check which plugins are installed by either entering a "goto" command (e.g. "oidplus:vnag_version_check")

  and see which error message appears, or they could try to enter "plugin/adminPages/..." using the web browser and see if the result is HTTP 200 or HTTP 404.

- BCrypt

	Make #rounds and length of admin password configurable (pre-baseconfig?)

	Include dev/bcrypt_cost_calculator somewhere in the configuration page?

	... At least give a hint to the documentation, so they know how to run the tool and how to enter the cost in the configuration (for RA and Admin)

	... or in the setup page make an extra control how complex the admin password should be? but be aware that nobody enters a too big number (it makes DoS possible!)

IDEAS FOR NEW FUNCTIONALITIES

- Admin plugin "Attachments" with following functionalities:

	* Show every object and its attachments, so that the admin knows what's going on

	  (Alternatively they can just look in the userdata directory using FTP)

	* Give the ability to enable/disable RA uploading/deleting

	  (Alternatively they need to do it in the configuration module and enter '0' and '1' by hand)

- Make a plugin that shows warnings from plugins (via "feature-interface"), e.g. the registration plugin could warn that CURL is not working correctly etc.

	But it should also have JavaScript components, e.g. check if dev/ and other confidential folders can be accessed (see code in setup/)

	And what can we do with checks that need a long time to compute?

	Also offer VNag?

- Excel/CSV import tool for bulk data import (as alternative to XML import. Maybe previous Excel->XML import tool?)

- External Syslog server

LDAP / OAUTH

- Implement other OAuth providers?

	Try out https://github.com/SocialConnect/auth

	     or https://github.com/hybridauth/hybridauth

- Credentials and API-Keys should be protected or obfuscated or encrypted? (JoomlaKeychainKeychain?)

TINYMCE

- mce dirty flag: call performCloseQueryCB()/performCloseCB(), if ...

	OK:   The page (browser tab) is about to be closed or the page is reloaded

	      => TinyMCE uses the window.onbeforeunload event

	TODO: The browser navigation buttons are clicked

	      => This only works PARTIALLY. Preventing popstate() works and no data is lost,

	         but the browser will think that it was successful!!

	OK:   When a node at the jsTree is clicked (conditional select)

	OK:   In the openOidInPanel() function, i.e. when you enter something into the goto-bar.

- critical bug: open page, edit tiny mce, click save. Then F5 reload (not Ctrl+F5): then the old content is there again. Except if you press Ctrl+F5

	(cannot be reproduced anymore? tested with firefox and chrome)

- TinyMCE "isDirty" does not correctly work on Internet Explorer: It always reports "dirty"

	see bug https://github.com/tinymce/tinymce/issues/6048

- The "is dirty" check should also include the "Title" input box

WHOIS

- webwhois: beside TXT/XML/JSON more output modi?  CSV, S/MIME  (and add the S/MIME keypurpose to the X.509 certificates)

- whois query 'oid:' should show all root entries (subordinate entries), but there is only the message "not found"

SETUP

- There should be a "test database connection" button

	=> however, this button could be abused to brute-force database connections,

	   and even abusing the server to connect (brute-force) to foreign database servers

DATA TRANSFER PLUGIN

- XML import: Let the user decide if existing OIDs shall be overwritten

- XML import: Let the user decide if RAs should be created

- XML import: Let the user decide if "created=now" should be set

- XML import: Waiting animation

- XML import: If output (errors) is too long, show them in a page rather than an alert() box

SMALL THINGS

- Let the user create shortcuts to any OIDplus-Goto-URLS (e.g. important OIDs) directly in the menu, without writing a plugin?

- Auto open some nodes automatically, or open until a specific level (like done in the Resources plugin?)

- Let the JavaScript value "oidplus_menu_width" being modified by a design plugin and/or the database config.

  A plugin can already do this by using htmlHeaderUpdate() and creating an inline JavaScript to modify the global variable "oidplus_menu_width"

- At a lot of forms, if you press "enter", the "form" will not be submitted (e.g. "create ra" plugin), cannot reproduce?

- Default language selection: Either always en-US, or automatical selection depending on browser language, or depending on admin setting (e.g. german companies offer a german repository by default)?

- system log plugin: Only show 100 events and let the user switch pages. To avoid that you load a page with 10000+ log entries!

- Alpine Linux SVN update: I get the error "svn: warning: W000013: Can't open file '/root/.subversion/servers': Permission denied", although "whoami" is "apache"! (Maybe because the initial checkout was done by root?!)

- AutoUpdate via cron?

- cron.sh: set a global flag that tells the plugins whether we are calling from crontab,

  so that auto publishing et al prefer cron calls and only execute their code

  for random visitors, if the crontab is not running.

- Login page etc.: If user clicks on a tab, then the gotoedit and static link should change to e.g. "oidplus:login$admin" or "oidplus:login$ra", respectively.

        $('#static_link').attr("href", "index.php?goto="+encodeURIComponent(id));

        $("#gotoedit").val(id);

- Add show_waiting_anim() and hide_waiting_anim() to all AJAX queries, like it is done in plugin "Software update"

- #gotobutton should have the same top and height as #gotoedit

- RA address data: Country selection box like in OIDInfo

	Possible data source: https://datahub.io/core/country-list#resource-data

- offer signature checker tool to verify WHOIS responses

- minimum menu expansion level: make it configurable for all objects and plugins, e.g. so that when you open OIDplus, all OIDs till level 2 are expanded

- Revive the idea of "information objects" = OIDs that contain content (key-value)

- API : Make a function that checks if a RA exists, and use it everywhere where needed

- Object type plugins : take care that "treeicon.png" and "icon_big.png" exist everywhere (become standard)

- freeoid: gmail app does not hyperlink the activation URL. why?

- how to avoid invite spamming?

- when a PHP error happens (i.e. the AJAX script did not manage to output a JSON), the AJAX script outputs "Error: SyntaxError: Unexpected token < in JSON at position 0" ... better show the user the actual message, or something more user-friendly at least

- when login expired, remove entries in the treeview

- disable specific functions (e.g. invite, login, rainfo, forgot password) if the plugins are not installed (check if class type is registered using class_exists())

- <abbr> in <code> is double underlined; that's not good

- if you have multiple identifiers, how do you tell the system which identifier should be the preferred one?

- show whois links only if folder "whois/" exists

- disable autocomplete on some forms

- graphical improvements of forms (input edits aligned)

- "Documents" section: Make documentation for usage of OIDplus (for members only)

- admin config more user friendly, e.g. having the enable/disable object type stuff (like in registration wizard) also in the admin control panel

- it would be good if after the login, the opened nodes in the tree would stay open

- html checkbox: make use of "label for"

- when javascript fails, the form will be submitted to './' , that is not good! failed javascript must return false, so that the form does not get submitted

- admin: show privacy entries from RAs (but grey, so you know that it is private)

- admin should be able to edit contact data of a foreign RA [XXX isn't that already implemented?]

- freeoid: hide asn.1 and iri columns, because the RA is not allocating these identifiers?

- .... maybe we should have a list of OIDs where the OID does not allocate ASN.1/IRI identifiers... then we can also make use of the OID-WHOIS attributes

- Privacy flag of RAs: Should there be more privacy levels, e.g. that you don't show your personal name etc.?

- You should be able to change the "created" date for an object! Or maybe hide it completely if you don't know the original creation date?

- In the CRUD table, you should be able to see the name of the OID? But on the other hand, the title is not in the control of the Superior RA, and the CRUD table is actually the allocation table of the Superior RA.

- natOrder() does only work for OID namespace!!! other sort mechanisms are necessary for other object types

- jstree select: automatically scroll down

- jstree: right click "open in new tab" is not possible

- things like RA: show more things, address, email etc.

- note that we (and the RFC) talk about Objects, but actually OIDs only reference objects, but they are not the objects

- Multilang

	* Not yet translated:

		- plugins\publicPages\100_whois\whois\index.php [Problem: This page is kinda standalone and does not include the OIDplus code]

		- vendor\danielmarschall\fileformats\fileformats.conf [Problem: This is a third-party code!]

		- includes\classes\VtsBrowserDownload.class.php [Problem: This is a third-party code!]

	* Is there some useful German translation of the Apache 2.0 license?

- WEID UUID: Show the UUID 2.25/GUID equivalent as alternative ID

- When an OID is edited/added/deleted, don't reload the whole tree. Instead, just change the tree! This looks much more fluid.

- adminPages/902_systemfile_check/OIDplusPageAdminSystemFileCheck.class.php

	Should thumbs.db (case insensitive) and Apple turds be excluded?

	On the other hand, these files could then be used to hide malicious data

UPDATER

- Internal problem with GIT distribution channel:

	The GIT version might be behind the master SVN repository

	So if you do "git pull", the update/index.php page might still show that an update is available!

- add some kind of loading cricle animation or a progress bar during the update

DATABASE

- SQLite3: Implement Natural OID sorting (natSort)

- make usage of Foreign Keys

	PROBLEM: we need foreign keys with no check, because

	a) we want to keep log entries even if an object/user is deleted

	b) log_user.username can also be 'admin' (and therefore not be a foreign key to table 'ra')

	c) not every object should have a registered RA. There should be "unknown" RAs where only the email address is known

FUTURE

- implement sitemaps xml

- admin should be able to change wellknown oids?

- move oid to different arc

- for very large arcs (e.g. PEN): maybe you should not show everything in the tree select?

- support for ORS?

- "Cutting Edge Technologie": AJAX, JSON, completely UTF-8, CRUD frameworks, PDO, HTML5, Mobile Design, Pure CSS, Autoloading, Object Oriented (maybe not MVC, though), Testing, ...

- "Search" plugin: Feature to search inside documentation (doc/ directory)

- "Search" plugin: I want to search in all object types and RAs. Not first select the type.

- How can we make sure that example objects are not exported using oid-info.com export?

- Administrator-Interface: enable and disable object types

- detailled change-history of each oid

BUGS?

- BUG! RA is logged in, then it is deleted => the RA can still edit their OIDs, since their session is not destroyed

- OIDplus does not work in Safari Mobile!

	1. You cannot scroll the OID grid, as the scrolling affects the whole page, not the grid.

	2. JQueryUI sliders cannot be dragged

REJECTED IDEAS

- well known OIDs: Should also the RA address be recorded? (so that you cannot create a 2.999 OID and telling that you are the RA?)

- should there more than one person be able to manage an OID? (multiple emails per "RA" ?)

- record first RA and current RA => X.660 does not have this requirement

- markers DRAFT, LEAF and FROZEN etc. => use "Protected" if you want to make it invisible

- Giving the "goto" argument OIDs instead of names, so that there are no conflict

  with plugin vendors (like it was done with the "plugin" argument at ajax.php)

	Rejected due to following reasons:

	a) The "goto" parameter should usually be human readable (especially since it is shown at the right top)...

	   Having a ViaThinkSoft OID there might get the user confused because they could think that the

	   page is a OID page request for that OID instead of a plugin page.

	b) Vendors should use something like "?goto=oidplus:com.example...."

LOGS

- prune logs entries? automatically prune things like "logged in" but not prune OID changes, etc?

- admin logs: don't show all logs. load more log entries as soon as the page is scrolled down

- when user changed email from "A" => "B", then all previous log events for "A" are not visible for "B" anymore!

	=> should we also change the log entry email address references when the user changes their email address?

- At "oidplus:system_log", user log section and object log section, the users and/or objects should be clickable

IDEAS

- adminPages/800_plugins: We could also list plugins that have been blacklisted in the config? But that is hard to achieve, because these plugins are ignored and not loaded at all

- Similar to Security Event Token, we could issue JWT tokens which log the allocation of an OID to an RA. This signed token can be stored somewhere and can be used to proove the ownership of an OID.

- have an option to assign a custom icon to any object in the system (file attachment with name "icon.*"?). Especially useful for easy visual distinguishing between root objects inside 'Other objects', but may be useful for other object types too.

- Give configuration settings a type (int, bool, enum, etc.) so that the configuration page can be more user friendly (use a checkbox rather than typing "1" and "0")

	Even better: Give plugins the opportunity to display their own config GUI, exactly like OOBE does

- OID-WHOIS: For well-known OIDs, e.g. IANA PEN, show information where to retrieve information

	=> Problem: Well-known OIDs are implemented as ASN/IRI identifiers only; no information in table "objects"!

- Should plugins be able to add additional object sub-nodes/pages into the tree,

  which are not "real" objects? For example, in the object tree,

  you could include file attachments [by File Attachment Plugin].

  Also, Object Type Plugins could add more sub-nodes/pages into the

  tree, for example if you have object types where each object

  consists of various components.

  => currently OIDplus::menuUtils()->tree_populate() handles the object tree loading

     ... but shouldn't this task do the plugin publicPages/000_objects ?

     ... then we could establish an API which can give object type plugins the possibility to add additional children

- Hide/Proxy RA E-Mails from public requests

- let users choose their own creation arc

- system guid (name based pubkey)?

- In regards multilinguality: Allow "oidplus_base$dede.css", so that languages can have their own CSS (e.g. wider "Go" button)

	But this means that a language change also need to reload the style sheet (like the color-plugin does when you click "Test")

- when an object was not found, the error message could show the next possible known object (like WebWHOIS does)

- the "goto" quickbar (at the top right) could also be used to search something ...

- ... alternatively, the "object not found" error page could link to the search plugin

- make color plugin available for everyone. Admin may permanently save the colors, but users should be able to set their own theme, saved via cookies

- there should be a form where an RA can request an invitation, even if the superior RA did not invite them.

  the fact that a RA exists in the Object Table should permit the RA to invite theirself.

- make a list of OIDs that do not assign ASN1/IRI identifiers (e.g. IANA PEN or ViaThinkSoft FreeOID), then reject any identifier the user provides

- sanitize IPv4, IPv6, GUID during creation

	bei IPv4 und IPv6: - if it is a single host address, don't put /32 or /128 suffix

	                   - strike unnecessary bits that are not defined in the netmask (also at the whois output)

- let the sysadmin decide if they want the title be "systemtitle - object title" or "object title - systemtitle"

- should a RA be able to mark their own oid as confidential, instead of asking the superior RA?

- should there be an OIDplus project page at oidplus.viathinksoft.com instead of a "naked" system?

- vendor signature to plugins + viathinksoft signatures + "check" program if all signatures match

	Why do we need it?

		We want to make sure that the OIDplus files aren't modified by hackers (e.g. replaced by a webshell)

		Unfortunately, we can only verify our own files. Plugins by vendors cannot be checked.

	Problem:

		We cannot store the ViaThinkSoft public key or the checking-tool in the OIDplus directory,

		because then they could be altered by the hacker.

		We also cannot add a "verified" icon in the "Plugins" admin section,

		because this could also be fake.

		The only solution to verify the OIDplus installation is to run a tool that

		is downloaded on-demand over a secure connection.

	Solution:

		1. The OIDplus installation contains a file "signature.md5" that contains the MD5 sums of all files.

		   The whole file is RSA signed with a ViaThinkSoft key.

		2. We should offer a tool which can be started on-demand by running something like:

		   curl -sSL https://oidplus.viathinksoft.com/signature_check/ | bash

		   This tool contains a check procedure and the ViaThinkSoft public key,

		   and verifies the OIDplus installation.

		3. The tool should also warn if there are missing or additional files,

		   because some additional files may be executed (e.g. if they are located in includes/db_updates/)

		4. With every new release of OIDplus, this file must be re-generated!

- have a menu item (plugin) "latest updates" which lists OIDs that have been changed or added recently?

- (unsure:) would it be good if the superior RA comment is shown in the object page itself?

- Protect attachments with a password? (Information objects?)

- IPv4/IPv6 plugin: Should we allow that private IPs are put into categories (e.g. different physical locations having the same subnet?)

- Like in OOBE, plugins should give the possibility to add an individual UI in the "oidplus:edit_config" page

- Login area: The "administrator" node in the treeview could be clicked, leading to a page that contains a link to all sub pages (big icons ordered in a grid?)

- "Invisible/service" plugin type, like page plugins, but they have no gui() method. They can be used for a simple task like extending HTTP headers

QUESTIONS

- should the collation be case sensitive or case insensitive? For Java package names, it should be case senstivie

- use word "guid" or "uuid"?

- should "OID updated" be split into two categories "updated by superior" (e.g. identifiers) and "updated by owner" (description etc)?

- Don't renew "updated" field if you just click "Update" but didn't change anything (e.g. because you just wanted to send an invitation again)

- "Documents" section: Can base of URLs/images inside the HTML be changed automatically?

PRIVACY

- bring back "vendor/cookiecontent"? DM 28 May 2019: Removed CookieConsent temporarily, because it is placed at the beginning of the page and therefore ruins the Google index ...

	=> We might not need it, because cookies are only set during login, and at the login page itself, we already warn about cookies, in addition to the Privacy documentation

- Cookie law:

	Download CookieConsent code into vendor folder, do not hotlink it

	we need to log all consents

	do we need an explicit consent at the login form?

	do we need a consent for the cookie SSL_CHECK?

GUID Management

- Leaf nodes (GUIDs) should show/edit the Title in the CRUD, so you dont have to click the GUID to see the title

- weird bug: when i edit "guid:oidplus", then, after reload the treeview after the update, "guid:activedirectory" will be opened. somehow, the last opened node will be opened during the reload?!